Categories

| CWE | NAME | DESCRIPTION | LAST 12M | LOW | MEDIUM | HIGH | CRITICAL | TOTAL VULNS |
|---|---|---|---|---|---|---|---|---|
| CWE-270 | Privilege Context Switching Error | The software does not properly manage privileges while it is switching between different contexts that have different privileges or spheres of control. | | 0 | 0 | 1 | 0 | 1 |
| CWE-527 | Exposure of CVS Repository to an Unauthorized Control Sphere | The product stores a CVS, git, or other repository in a directory, archive, or other resource that is stored, transferred, or otherwise made accessible to unauthorized actors. | | 0 | 1 | 0 | 0 | 1 |
| CWE-391 | Unchecked Error Condition | [PLANNED FOR DEPRECATION. SEE MAINTENANCE NOTES.] Ignoring exceptions and other error conditions may allow an attacker to induce unexpected behavior unnoticed. | | 0 | 1 | 0 | 0 | 1 |
| CWE-24 | Path Traversal: '../filedir' | The software uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize ../ sequences that can resolve to a location that is outside of that directory. | | 0 | 1 | 0 | 0 | 1 |
| CWE-233 | Improper Handling of Parameters | The software does not properly handle when the expected number of parameters, fields, or arguments is not provided in input, or if those parameters are undefined. | | 0 | 1 | 0 | 0 | 1 |
| CWE-201 | Information Exposure Through Sent Data | The code transmits data to another actor, but the data contains sensitive information that should not be accessible to the actor that is receiving the data. | | 0 | 1 | 0 | 0 | 1 |
| CWE-334 | Small Space of Random Values | The number of possible random values is smaller than needed by the product, making it more susceptible to brute force attacks. | | 0 | 1 | 0 | 0 | 1 |
| CWE-789 | Uncontrolled Memory Allocation | The product allocates memory based on an untrusted size value, but it does not validate or incorrectly validates the size, allowing arbitrary amounts of memory to be allocated. | | 0 | 1 | 0 | 0 | 1 |
| CWE-256 | Unprotected Storage of Credentials | Storing a password in plaintext may result in a system compromise. | | 0 | 1 | 0 | 0 | 1 |
| CWE-126 | Buffer Over-read | The software reads from a buffer using buffer access mechanisms such as indexes or pointers that reference memory locations after the targeted buffer. | | 0 | 0 | 0 | 1 | 1 |